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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1)^1 Responsive to communication(s) filed on 02 May 2005 . 
2a)K This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1 935 CD. 1 1 , 453 O.G. 21 3. 

Disposition of Claims 

4) ^ Claim(s) 1^9 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 1^9 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)Q Some * c)Q None of: 

1 0 Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Response to Arguments 

1 . Applicant's arguments filed 5/2/25005 have been fully considered but they are 
not persuasive. 

2. With regard to claims 1 and 9, and Applicant's assertion that claims 1 and 9 differ 
from Ishizaki since they recite "a virtual router unit is located within a router, which is an 
edge node router to accommodate a user of a virtual private network service" (Page 6, 
Lines 13-14 of Remarks), the Examiner respectfully disagrees. An edge node router is 
merely a router located at the edge of a network, which routes data from one network to 
another. The router disclosed by Ishizaki is an edge node router, as it forms the edge of 
two distinct networks and routes data between them (VPN Site 1 -> Router; VPN Site 2 
-> Router)(Par 37). 

3. With further regard to claims 1 and 9, and Applicant's assertion that "applicant's 
claim is different because the reference describes the router within the data center, the 
end point, while applicant's router is directly accommodating VPN users" (Page 6, Lines 
14-16 of Remarks), it is noted that such a limitation does not appear in claims 1 or 9. 
Even if such a limitation were present, the router disclosed by Ishizaki directly 
accommodates the VPN users, as each user connects to the router through a private 
network. 
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4. With regard to claims 2 and 3, and Applicant's assertion that Ho "fails to describe 
that the service tunnel is established between VRs of a same VPN" (Page 7, Lines 11- 
13 of Remarks), the Examiner respectfully disagrees. Ho clearly shows that the virtual 
routers are part of the same virtual private network (at least Par 36 and 44). 

Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

6. Claims 1 and 9 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Ishizaki et al. (US 2002/01 56828). 

7. With regard to claims 1 and 9, Ishizaki discloses a system providing virtual 
private network service by using an IP network (networks use IP) (at least Par 38) 
including a plurality of routers, wherein a router, which is an edge node router to 
accommodate a user of the virtual private network service (Par 37), including a plurality 
of virtual router units corresponding to different users of the virtual private network 
service (Par 38, Lines 4-6), and each of the virtual router units comprising: a routing 
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table storing routing information for transferring a packet of a corresponding user in the 
IP network (Par 38, Lines 10-13), and a controller unit controlling a transfer of a packet 
of a corresponding user via at least one of the plurality of routers in the IP network by 
referencing said routing table (Par 38, Lines 1-4). 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

9. Claims 2 and 3 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ishizaki et al. (US 2002/0156828) in view of Ho et al. (US 2002/0116501). 

10. With regard to claims 2 and 3, while the system disclosed by Ishizaki shows 
substantial features of the claimed invention (discussed above), it fails to disclose a 
setting unit setting up a control channel transferring the routing information between 
virtual router units belonging to the same virtual private network or that the control 
channel is an IP tunnel. 

Ho teaches a method of transferring routing information between virtual 
routers belonging to the same virtual private network using an IP tunnel (Par 44-48). Ho 
discloses setting up a control channel (service tunnel) (Par 46) transferring routing 
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information (reachability, addressing, etc)(Par 86) between virtual router units belonging 
to the same virtual private network (Par 44) and that the control channel is an IP tunnel 
(Par 48). Transferring the routing information via an IP tunnel allows the information to 
be transferred securely between the virtual routers since the packets are encrypted and 
remain hidden from other outside the VPN (Par 44). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to transfer the routing information between the virtual 
router units using an IP tunnel. This would have allowed the information to be 
transferred securely since the packets are encrypted in the tunnel and hidden from 
users outside the VPN. 

11. Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over Ishizaki et 
al. (US 2002/01 56828) in view of Rao et al. (US 6,674,756). 

12. With regard to claim 4, while the system disclosed by Ishizaki shows, substantial 
features of the claimed invention (discussed above), it fails to disclose that identification 
information identifying a virtual private network corresponding to a first virtual router unit 
arranged within a first router is broadcast from the first virtual router unit to other 
routers; reply information is returned from a virtual router unit, which belongs same 
virtual private network as a virtual private network identified according to the 
identification information, to the first virtual router unit; and the first virtual router unit 
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detects configuration of a corresponding virtual private network based on the reply 
information. 

Rao teaches a method of detecting configuration of a virtual private network 
wherein identification information identifying a virtual private network is broadcast from a 
first virtual router to other routers (Col 9, Lines 44-51 ), reply information is returned from 
a virtual router which belongs to the same virtual private network (virtual router replies if 
call request is accepted) (Col 9, Lines 47-51 ), and the first virtual router detects 
configuration of a corresponding virtual private network based on the reply 
(configuration information is returned) (Col 9, Line 66 to Col 10, Line 5). This allows a 
virtual router to obtain configuration information from other virtual routers that support a 
desired connection type, and set up the connection. 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to detect a configuration of a virtual private network using 
the method taught by Rao. The method taught by Rao would have allowed a virtual 
router to obtain configuration information for a desired connection type from other virtual 
routers which support that connection, and initiate that connection. 

13. Claims 5 and 6 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ishizaki et al. (US 2002/0156828) in view of Rao et al. (US 6,674,756) in further view of 
Casey (US 6,493,349). 
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14. With regard to claim 5, while the system disclosed by Ishizaki shows substantial 
features of the claimed invention (discussed above), it fails to disclose that identification 
information for identifying a virtual private network corresponding to a first virtual router 
unit arranged within a first router is broadcast from the first virtual router unit to other 
routers; reply information is returned from a second virtual router unit, which belongs to 
a same virtual private network as a virtual private network identified according to the 
identification information, to the first virtual router unit; and a control channel for 
transferring the routing information is set up between the first virtual router unit and the 
second virtual router unit. 

Rao teaches a method of discovering a virtual router on a network wherein 
identification information for identifying a virtual private network corresponding to a first 
virtual router unit arranged within a first router is broadcast from the first virtual router 
unit to other routers (Col 9, Lines 44-51); reply information is returned from a second 
virtual router unit, which belongs to a same virtual private network as a virtual private 
network identified according to the identification information (virtual router replies if call 
request is accepted) (Col 9, Lines 47-51), to the first virtual router unit. 

Casey teaches creation of a control channel for transferring the routing . 
information is set up between the first virtual router unit and the second virtual router 
unit. Casey discloses that virtual routers discover each other and create a mesh of 
tunnels between each other to transfer routing information (Col 7, Lines 47-58). This 
allows routing information to be propagated across the network to other virtual routers to 
ensure that packets are properly routed. 
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Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to discover virtual routers using the method taught by Rao 
and exchange routing information between the routers via tunnels as taught by Casey. 
This would have allowed routing information to be transferred between routers to reflect 
changes in the network. 

1 5. With regard to claim 6, Rao further discloses that the first virtual router unit has 
an authentication client unit making a request to authenticate the first virtual router unit 
(client on first VR invokes authentication server); and the second virtual router unit has 
an authentication server unit performing authentication of the first virtual router unit at 
the request of the authentication client (Col 9, Line 60 to Col 10, Line 5). 

16. Claims 7 and 8 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ishizaki et al. (US 2002/0156828) in view of Ho et al. (US 2002/01 16501) in further view 
of RFC 1058. 

1 7. With regard to claims 7 and 8, Ho further discloses removing a control channel 
connected to a router when all sessions have been terminated (Par 130-131). Ho fails to 
specifically disclose that the control channel is removed when a virtual router is deleted 
or updating a configuration map representing a configuration of the VPN after a 
predetermined time period elapses from when the control channel is removed. 

RFC 1058 discloses a well-known protocol to collect information about the 
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configuration of a network and share the information among routers in the network. RFC 
1058 discloses that a timer is maintained for each entry in the routing table. It is reset 
every time an update message is received from a neighboring router. If the timer 
expires, the neighboring router is assumed to have failed and the table is updated to 
indicate that the router is unreachable (Page 1 1 , Section 2.1). RFC 1058 further 
discloses that the routing table entries are not deleted until a second timer, the 
"garbage-collection" timer, expires. This allows other routers to be notified before the 
routing table entry is deleted. Use of a protocol such as RIP would have allowed a 
virtual router in the system disclosed by Ishizaki and Ho to determine when another 
virtual router had been deleted, and subsequently remove any control connections and 
update the configuration map to reflect the change in the network. 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to detect when a virtual router has been deleted, remove 
the control connection attached to it, and update the configuration tables after a 
predetermined time has passed. 

Conclusion 

1 8. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
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mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aaron Strange whose telephone number is 571-272- 
3959. The examiner can normally be reached on M-F 8:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Glen Burgess can be reached on 571-272-3949. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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7/12/2005 




jpNTON B. BURGESS 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



